Skip to main content

Dolibarr Erp Crm

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2021-47779 MEDIUM POC This Month

Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. [CVSS 5.4 MEDIUM]

XSS Privilege Escalation Dolibarr Erp Crm
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2024-55228 PHP CRITICAL POC PATCH Act Now

A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Dolibarr Erp Crm
NVD GitHub
CVSS 3.1
9.0
EPSS
0.1%
CVE-2024-55227 PHP CRITICAL POC PATCH Act Now

A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Dolibarr Erp Crm
NVD GitHub
CVSS 3.1
9.0
EPSS
0.3%
CVE-2021-47779
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. [CVSS 5.4 MEDIUM]

XSS Privilege Escalation Dolibarr Erp Crm
NVD GitHub Exploit-DB
CVE-2024-55228 PHP
EPSS 0% CVSS 9.0
CRITICAL POC PATCH Act Now

A cross-site scripting (XSS) vulnerability in the Product module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Dolibarr Erp Crm
NVD GitHub
CVE-2024-55227 PHP
EPSS 0% CVSS 9.0
CRITICAL POC PATCH Act Now

A cross-site scripting (XSS) vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a crafted payload injected into the Title. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Dolibarr Erp Crm
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy